Improving IAM Posture to Strengthen Cyber Resilience

A few days ago, Mr. S. Somanath, Chairperson, Indian Space Research Organization (ISRO), revealed that the organization faces more than 100 hacking attempts daily. Mr. Somanath made this alarming revelation at an exclusive two-day international cyber conference in Kochi. He also added that the possibility of cyber-attacks is much higher in space technologies because of […]
3 Major Cyber Incidents in 2023 and Lessons Learnt

Incident 1: The Reserve Bank of India (RBI) slapped a whopping fine of INR 5.39 crore on one of the well-known banks from India in October 2023 for not complying with the standard RBI guidelines related to KYC norms. Also, the organization failed to report incidents of cyber security breaches in time. Post-investigation findings: […]
The DPDP Act and Managing Personal Data

About the New Act: The regulatory compliance landscape in India took a new turn after the official announcement of the Digital Personal Data Protection (DPDP) Act, August 2023. The new act adopts an improved and more advanced approach to data protection and data privacy. It is bound to make an impact on industries as well. […]
The RBI Guidelines and the Risk of Noncompliance

Recently, the Reserve Bank of India (RBI) imposed a hefty penalty of around 65 lakhs, roughly USD 80,000, on one of the co-operative banks from a southern state of India due to non-compliance with the RBI guidelines on Information Security. A dedicated cyber team from the RBI investigated the matter and made a thorough […]
Miscommunication and IT Security Risks

Ever heard about “The Listening Chain” game in corporates? Many corporate houses practice this game to enhance listening and execution skills. A human chain is formed where everyone whispers a word or a phrase in the next person’s ear just once, and he/she needs to repeat the same word/phrase to […]
Critical Infrastructure and Increasing Security Vulnerability

Recently, one of the largest telecom services providers from the US suffered a data breach of almost 37 million prepaid and postpaid customers. Forensic investigations into the breach revealed that a malicious actor managed to infiltrate one of the critical systems in the network and siphoned off sensitive user information by violating user authorization. Once […]
Why is it so crucial to adhere to IT Standards and Compliance Guidelines?

Regulatory bodies and central banks across the world have laid down several IT security standards and mandates. NIST, SOC2, FedRAMP, GDPR, RBI Guidelines, PCI DSS, HIPAA, SWIFT CSCF, SOX, and ISO 27001 are just a few examples. It is about the changing IT infrastructure and operational setups. Today data is widely distributed in […]
Pharming: A growing cyber menace that dupes netizens

Your smartphone suddenly beeps with the SMS: “Your internet banking user ID linked to your A/C No. Xxxxxxxxxx62 will expire tomorrow. Please click here to generate a new user ID – http://” Or sometimes with SMSs like: “Congratulations on being a loyal customer of ABC bank! On completion of 5 long years with us, we […]
Supply Chain is the New Vulnerable Link in Cyberattacks

The Context: There is a proverb: “If you pull the ear, the head follows you automatically.” Hacktivists, rogue nation states, and organized cyber criminals are adopting this policy extensively nowadays. In order to hurt any organization, cybercriminals target supply chains. In the era of globalization and digitalization, organizations of all shapes and sizes depend a […]
Another bank heist: Are banks equipped with adequate access management safeguards?

The incident that reraised the question of ‘Trust’: Remember the infamous bank heist in 2016 that targeted one of the central banks in South Asia? We are not sure if we have learned any lessons from that incident. Recently, cyber crooks performed a similar replay of the incident at a cooperative bank in northern India. […]